A newly installed antivirus utility needs the ability to root out any malware that may already be present, but it should also work to fend off any new attacks. Almost all products in this field do both, but there are exceptions. Heimdal Threat Prevention Home focuses on detecting and preventing attacks, even stealthy zero-days. It leaves detection of existing malware to a separate product, Heimdal Next-Gen Antivirus Home. Thanks to technology trickle-down from Heimdal’s enterprise security offerings, this antivirus has unusually strong protection against zero-day attacks and the very latest malware. However, the average consumer would probably be happier with an antivirus like Bitdefender or Kaspersky that covers all the bases.
What Does Heimdal Threat Prevention Cost?
Who has just one computer to protect these days? Not Heimdal’s customers, apparently. A one-year subscription costs $69.95 and gets you three licenses. Bitdefender Antivirus Plus costs about $10 less, as do standalone antivirus utilities from ESET and Kaspersky. Three Panda Dome Essential licenses will set you back $70.99.
At the five-license mark, Heimdal’s $97.95 price tag is almost $20 more than the price of a Malwarebytes, ESET, or Kaspersky Anti-Virus five-pack. And $164.95 for 10 licenses is well over twice what you’d pay for a 10-pack of Sophos Home Premium licenses. Note, too, that all the products I’ve named for comparison include the usual detection of malware files, while Heimdal Threat Prevention focuses solely on attack vectors.
Split Malware Protection
Heimdal’s main strategic focus lies with its enterprise-level tools, but the home products benefit from the technology that powers these tools. The company is working on renaming the home products. Heimdal Threat Prevention Home, reviewed here, was previously called Thor Foresight, and Heimdal Next-Gen Antivirus Home was previously Thor Vigilance. Indeed, at the time of this review the old names were still in use.
The product’s main window is divided into two main sections, labeled Thor Vigilance and Thor Foresight. A third product, Heimdal Premium Security Home, incorporates both. If you click the Thor Vigilance tab, you’ll see that all its features require an upgrade to the premium product.
So, what does Threat Prevention get you? The main tab is divided into four panels, named for four types of protection. DarkLayer Guard performs the expected screening for malicious and fraudulent websites, and can “mitigate zero-day exploits, ransomware, data leakage, and next-generation attacks.” TTPC identifies targeted processes—in my testing the only processes that showed up in its list were browsers.
VectorN Detection is harder to pin down. It’s described as using machine learning technology to analyze HTTP, HTTPS, and DNS traffic. According to the product itself, “It detects second-generation malware strains and even the most hidden threats that no other product can.” I didn’t find any way to see this component in action.
The final panel, X-Ploit Resilience, represents an unusually powerful automatic app update system, which I’ll describe below. Note that the Next-Gen Antivirus also includes X-Ploit Resilience.
No Traditional Antivirus
This product doesn’t scan for malware. When you click the scan button, it checks your system’s overall health. All I ever saw from this scan was “Your computer is healthy,” without any details on what constitutes a healthy computer.
There’s also no real-time malware protection. If a malicious program is already present on your system, Threat Prevention won’t necessarily do anything about it. What it does do is analyze network traffic and other events to prevent new attacks.
My standard test using a collection of existing malware isn’t relevant to this product, as it doesn’t attempt to recognize malicious files by signature or by behavior. That leaves my malicious URL blocking test, which starts with a feed of malware-hosting URLs recently discovered by the experts at London-based MRG-Effitas. I simply launch the URLs one after another and note whether the antivirus prevents access to the dangerous site, quarantines the malware payload, or does nothing at all.
Each time Heimdal blocks access to a dangerous page it displays a tiny transient popup in the bottom right corner of the screen. For standard HTTP addresses it also diverts the browser to a warning page. If the malware-hosting URL uses a secure HTTPS connection, the browser simply displays an error message.
Heimdal turned in a disappointing performance, preventing just 56% of the malware downloads. Only one recent product has earned a lower score. Heimdal Next-Gen Antivirus Home managed 74% strictly by eliminating the downloaded malware. And Heimdal Premium Security Home, employing both browser-level protection and scanning of malware payloads, earned a decent 91% score.
Even then, 91% is barely enough to get a product into the top half, score-wise. Using a combination of browser-level blocking and real-time scanning, McAfee earned a perfect 100% score. Bitdefender, Sophos Home Premium, and G Data all managed 99%.
Poor Phishing Protection
This product includes multiple layers of protection against modern high-tech threats that might weasel past simpler antivirus tools. Phishing, though, is the ultimate low-tech attack. A phishing fraudster doesn’t attempt to infiltrate the operating system or use technology to hide from an antivirus. Phishing works by attacking the weakest link—the user. If you’re bamboozled into giving your username and password to a phishing site, you’ve given away the corresponding account.
To test phishing protection, I start by gathering hundreds of reported frauds from websites that collect such things. I include both verified phishing frauds and sites too new to have hit the blacklists. Once I have my list for testing, I launch each URL in four browsers at once. The product under test protects one of the browsers, of course. The other three rely on the protection built into Chrome, Edge, and Firefox.
As with the malware-hosting URLs test, Heimdal earned a poor score, 44% detection. Only a handful of products have scored lower. All three of the browsers proved significantly more effective than Heimdal. At the top, F-Secure Safe and McAfee AntiVirus Plus detected 100% of the frauds presented to them.
See How We Test Security Software
Impressive Software Updater
Clever hackers spend their working hours finding security holes in popular programs. And clever developers invariably find a way to patch those holes. But if you, the user, fail to apply those patches, your systems remain vulnerable. Heimdal’s X-Ploit Resilience ensures that your apps get all the necessary updates so they can resist attacks that try to exploit security holes.
This component starts by checking for apps that it can patch. On my test system, it listed Chrome and Firefox as apps that might need patching. When I turned on monitoring for those two, the list changed to show Chrome was up to date, but Firefox lacked some security patches.
To enable ongoing protection, I turned on automatic updates for both browsers. Heimdal immediately started updating Firefox. Every user of this product needs to take that initial look at X-Ploit Resilience and turn on monitoring and automatic updates. Just set it and forget it. If you want to see what Heimdal has done for you, you can click View History.
Heimdal isn’t the only security company to offer patch management. Avira Free Security identifies apps needing updates, and its pro edition applies those updates automatically. Avast Free Antivirus offers a similar arrangement. But Heimdal goes beyond these with a feature called One Click App Install.
Really, it’s just a short step from updating an app that’s already installed to installing an app that isn’t. Heimdal lists over 100 apps, from 7-Zip to Zoom, that it can install for you at the click of a button. And of course, once it has performed the installation it can keep the app updated.
Not What the Average User Needs
Heimdal Threat Prevention Home takes technology that protects big businesses from ransomware and other high-level malware attacks and brings it into your home. It also protects you by steering the browser away from phishing sites, and from sites that host malware. That protection against dangerous and fraudulent sites is something consumers expect, more so than high-tech attacks that might concern an IT department. But most antivirus products build that protection into a fully functional malware-fighting system. With Heimdal, you don’t get antivirus basics, and you pay more than for our Editors’ Choice winners that cover all the bases.
For example, Kaspersky Anti-Virus routinely takes top scores from multiple independent labs, as does Bitdefender Antivirus Plus. A single McAfee AntiVirus Plus subscription lets you protect all your devices. And Webroot SecureAnywhere AntiVirus is the smallest and fastest of all. Most consumers will find one of these Editors’ Choice-winning antivirus apps both more effective and less expensive.